Assurance system and assurance method

Abstract

In a client PC or device, the reliability of multiplexed authentication servers is assured. In an assurance system including a client PC (1-1, 1-3), an authentication server 1 (1-7), and a device (1-5) connected to a network, a multiplexed system is built by arranging an authentication server 2 (1-8) in order to back up the authentication server 1 (1-7), public key cryptography is used for encrypted communication between the client PC, the authentication servers 1 and 2, and the device, and the public keys of the authentication servers 1 and 2 are electronically signed by using the private key of one system administrator (1-10) by public key cryptography.

Description

FIELD OF THE INVENTION [0001] The present invention relates to an assurance system including a plurality of client server PCs, devices, and an authentication server which authenticates users who will use the client server PCs and devices and controls access to resources and, more particularly, a duplexed system (redundant system) which backs up the function of an authentication server when failures occur in it and, more particularly, a system which imparts reliability to a plurality of authentication servers including the redundant system and confirms the reliability. BACKGROUND OF THE INVENTION [0002] If a user wants to use a resource of some kind on a logic domain including client PCs, servers, and devices connected to a network, authentication of the user and grant of a resource access right are necessary. An authentication server in the client server system makes use of its function to authenticate the user and grant an access right on the basis of a unique or standardized proto...

AI Technical Summary

Benefits of technology

[0020] The present invention has been proposed to solve the conventional problems, and has as its objects to provide an assurance system and assurance method which assure, in a client PC or device, the reliability of a multiplexed authentication server.

Problems solved by technology

However, if a failure occurs in only authentication server in the domain, the functions such as user authentication and grant of an access right cannot operate at all.

In this state, the user can obtain neither authentication nor a use right from the authentication server and therefore cannot use a desired resource such as a device or file server even when it normally runs.

However, if the plurality of authentication servers are simultaneously running, a problem arises as described above.

On the other hand, a new problem arises from the viewpoint of reliability of the security function for which the authentication server has responsibility.

That is, imposing of the authentication server itself may occur.

In this case, the mechanism which assures the reliability of the authentication servers to be activated for backup is imperfect.

Alternatively, a password may be stolen from authentication procedures for a regular user.

That is, various kinds of problems in security arise.

Such a rogue server which causes many problems in security must be inhibited from taking part in the domain as a backup authentication server.

However, it is difficult for a client PC or device on the domain to determine whether the second-priority authentication server, i.e., backup authentication server is reliable.

This can be regarded as a security hole in the authentication server multiplexed system because it permits imposing of the multiplexed authentication servers in the domain.

Additionally, the conventional administrator password authentication method cannot completely prevent imposing of authentication servers.

That is, the system user is caused to set the false address.

Once the user sets the address of the imposing authentication server in the client PC or device, various kinds of problems in security, as described above, arise when the first-priority authentication server goes down due to a failure.

Images